[GRLUG] Linux Systems Compromised
Don Wood
dond at standalelumber.com
Tue Aug 19 09:11:19 EDT 2008
On Tue, 2008-08-19 at 00:30 -0400, networkman at triton.net wrote:
> > Very interesting, but rootkits are nothing new. They've existed for
> > well over ten years now; What's interesting about this is the breaking
> > of the web of trust. One rooted system gave access to SSH keys that
> > gave access to more systems, which garnered more SSH keys. It's worth
> > noting that a properly-setup
> >
> > This makes me wonder about the wisdom of using ssh keys to bypass
> > password restrictions. It's obviously safer to use ssh keys with
> > passwords tied to them.
> >
> > --
> > :wq
>
> Yes, I was thinking the same thing.. wondering why someone would rely on
> SSH keys alone? Of course, I'm not even pretending that I was able to
> follow all of the message that was provided either, but I've been involved
> with various DC projects to break encryption at varying levels just to
> prove it can be done, given a) enough time, or b) a way to come up with a
> short-cut. ;)
>
> Rich
>
>
> _______________________________________________
> grlug mailing list
> grlug at grlug.org
> http://shinobu.grlug.org/cgi-bin/mailman/listinfo/grlug
http://troy.jdmz.net/rsync/index.html
rsynch over ssh would be one reason to do this.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://shinobu.grlug.org/pipermail/grlug/attachments/20080819/ddcf369b/attachment.htm
More information about the grlug
mailing list